<?php
ob_start();
include_once "header.php";

if ($_SESSION['canAdmin'] == 1)
{

$postLevel = $killboardSettings['submitLevel'];

?>

<tr>
	<th>Change Submission Access Level</th>
</tr>

<?php
if (isset($_POST['postLevel']))
{
	include_once "config.php";
	
	if ($_POST['password'] != "")
	{
		$sql = "UPDATE `kb_settings` SET `submitLevel` = '" . $_POST['postLevel'] . "', `submitPassword` = '" . sha1($_POST['password']) . "' LIMIT 1";
	}
	else
	{
		$sql = "UPDATE `kb_settings` SET `submitLevel` = '" . $_POST['postLevel'] . "' LIMIT 1";
	}
		
	$queryResult = mysql_query($sql);
	
	?>
	<tr>
		<td>
		<p>Post Level Changed</p>
		<p><a href="index.php">Return Home</a></p>
		</td>
	</tr>

	<?php

}
else
{	
	?>
	<tr>
		<td>
		<p>To change the posting level, choose from the following options:</p>
		<form method="post" action="postsec.php">
		<table cellpadding="4">
		<tr>
			<td colspan="2"><input type="radio" name="postLevel" value="0" <?php if ($postLevel == 0) echo("checked");?> />Allow anyone to post</td>
		</tr>
		<tr>
			<td colspan="2"><input type="radio" name="postLevel" value="1" <?php if ($postLevel == 1) echo("checked");?> />Require Login, Allow anyone to post after login</td>
		</tr>
		<tr>
			<td colspan="2"><input type="radio" name="postLevel" value="2" <?php if ($postLevel == 2) echo("checked");?> />Require Login, Users have to be granted access</td>
		</tr>
		<tr>
			<td colspan="2"><input type="radio" name="postLevel" value="3" <?php if ($postLevel == 3) echo("checked");?> />Use a shared Password</td>
		</tr>
		<tr>
			<td>Shared Password (leave blank to keep existing password):</td>
			<td><input type="password" name="password" value="" /></td>
		</tr>
		<tr>
			<td colspan="2"><input type="submit" name="submit" value="Change" /></td>
		</tr>
		</table>
		</form>
		</td>
	</tr>

	<?php
}
}
else
{
?>

<tr>	
	<td>
	<h1>Error</h1>
	<p>You do not have sufficient access to view this page</p>
	</td>
</tr>


<?php
}

include_once "footer.php";
ob_flush();
?>